An introduction to cross site request forgery that aims to help viewers understand CSRF as a pattern of attack and become aware of certain hotspots in an application where CSRF can be of particular concern. It also provides basic strategies to prevent CSRF in design and implementation.

The primary intended audiences for this course are architects, developers, and testers of web applications or other software deploying web technologies. Development managers will also benefit from this material.

Acknowledgements: SAFECode would like to thank Adobe for donating the material that formed the basis for this course.